ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General Discussion » Application Level Security

Post new topic  Reply to topic
 Application Level Security « View previous topic :: View next topic » 
Author Message
scott9
PostPosted: Thu Dec 18, 2003 3:23 pm    Post subject: Application Level Security Reply with quote

Acolyte

Joined: 11 Jul 2002
Posts: 62
Location: Sacramento,CA
Sorry to reopen a topic that has been discussed ad nauseum. I reviewed several posts at this site regarding Application vs. Link level security, but I'm confused about one point.

We need the data encrypted on the queue, which implies application level security. With Application level security, does the APPLICATION have to encrypt the data, or can MQ do it. I read something about 3rd party products that can do this as an exit, but I'm interested to know if MQ (itself) has the capacity to encrypt data on the queues. (we have mq 5.3 CSD05 on Win2000).
Back to top
View user's profile Send private message
jefflowrey
PostPosted: Thu Dec 18, 2003 4:19 pm    Post subject: Reply with quote

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981
Not out of the box, no.

You can write your own message exit, though.

Or even better, these days, your own API Crossing Exit.
_________________
I am *not* the model of the modern major general.
Back to top
View user's profile Send private message
EddieA
PostPosted: Thu Dec 18, 2003 4:45 pm    Post subject: Reply with quote

Jedi

Joined: 28 Jun 2001
Posts: 2453
Location: Los Angeles
Don't think a Message Exit can get to the message before it's on the Queue, which is what was required.

So, the API Exit (not z/OS) or the API-Crossing Exit (CICS only by my manual, but I thought they extended this ??) is the 'official' way to do it.

Some of the 3rd party products did it by providing replacement libraries/calls that intercepted the GET/PUT. Another way would be to have your own MQGET and MQPUT which does the encryption and then passes to the 'real' ones.

Cheers,
_________________
Eddie Atherton
IBM Certified Solution Developer - WebSphere Message Broker V6.1
IBM Certified Solution Developer - WebSphere Message Broker V7.0
Back to top
View user's profile Send private message
scott9
PostPosted: Thu Dec 18, 2003 4:51 pm    Post subject: Reply with quote

Acolyte

Joined: 11 Jul 2002
Posts: 62
Location: Sacramento,CA
I didn't mention this, but we're sending from OS/390 (will eventually be Z/OS) to Win2000. Does your message imply that the API Exit does not work with Z/OS?
Back to top
View user's profile Send private message
EddieA
PostPosted: Thu Dec 18, 2003 6:45 pm    Post subject: Reply with quote

Jedi

Joined: 28 Jun 2001
Posts: 2453
Location: Los Angeles
That was taken straight from the manual.

Cheers,
_________________
Eddie Atherton
IBM Certified Solution Developer - WebSphere Message Broker V6.1
IBM Certified Solution Developer - WebSphere Message Broker V7.0
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General Discussion » Application Level Security
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.